Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

Turncoat AI Agents Emerge as the New Inside Hackers

By Kim S. Nash
 

Hello. AI agents that go rogue, drift, or get hijacked by hackers are as hard to detect as any insider threat. 

These digital helpers are granted access to apps and data so any out-of-bounds activity can go unnoticed unless behavioral tools are finely tuned.

Currently, organizations on average have roughly 45 digital identities for every one employee, according to Morey Haber, chief security adviser at BeyondTrust. And more AI agents come to life every day. Read our full story.

Also today: 

  • High-severity bug in Palo Alto Networks firewalls
  • Due diligence firm IMA Diligence Services hacked
  • Hearing Wednesday on national privacy bill
  • And more
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
A 6-Step Approach to Protecting Enterprises From Cyber Risk

As AI models discover software vulnerabilities at machine speed, the question shifts from “Can we patch?” to “How do we reduce blast radius?” In this short video, Jay Chaudhry, CEO Zscaler, explains how to reduce your attack surface, govern AI agents and limit breach impact using a 6-step approach that enterprises can execute in weeks. Take action today.

Watch the video

 

More Cyber News

PHOTO: JEENAH MOON/REUTERS

A high-severity vulnerability in Palo Alto Networks firewalls is being exploited to create unsanctioned VPN connections into corporate and other networks. U.S. cyber officials on Friday ordered federal agencies to fix systems at risk immediately. (Cybersecurity Dive)

Due diligence provider hacked. IMA Diligence Services, which does research for mergers and acquisitions, investments and other corporate transactions, is notifying tens of thousands of people in several states of a data breach. Hackers stole information in December from a file server managed by a third party, the company said in notices to regulators in Maine, Texas, California, Massachusetts and other states. 

  • IMA said it has since decommissioned the server.
  • Personal, financial, medical and health-insurance details were compromised.

PHOTO: TOM WILLIAMS/ZUMA PRESS

Happening Wednesday: Republican Reps. Gus Bilirakis of Florida (pictured) and Brett Guthrie of Kentucky plan to hold a hearing on the SECURE Data Act, a bill to create a national data-privacy and security law. Tune in at 10:15 a.m. ET. 

Privately held lender Plaza Home Mortgage said a February cyberattack compromised personal data for customers and employees, including information related to loan applications. 
Alt text.

What You Can Do About Anthropic’s Mythos Superhacker AI

Anthropic said its powerful new AI model, Mythos, could be dangerous in the wrong hands. WSJ’s Nicole Nguyen explains why and shares some cybersecurity tips for the average tech user.
Watch Now
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2026 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe